Move configuration to community and local config files
Signed-off-by: Blackyfff <blackyfff@noreply.git.freifunk-franken.de>
This commit is contained in:
parent
a1476d914a
commit
89c9416d92
|
@ -0,0 +1,13 @@
|
||||||
|
### The community domain; must be set even if it is not served by this server
|
||||||
|
CommunityDomain="fff.community"
|
||||||
|
|
||||||
|
### Subdomain for CommunityDomain only serving non RFC 1918/4193 addresses, otherwise leave empty
|
||||||
|
CommunityExternPrefix="extern"
|
||||||
|
|
||||||
|
CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48"
|
||||||
|
|
||||||
|
### master file in remote needs to be named: db.$CommunityDomain
|
||||||
|
RemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/"
|
||||||
|
|
||||||
|
### TTL Refresh Retry Expire Minimum
|
||||||
|
TTLReReExMi="3600 2000 6400 2419200 86400"
|
|
@ -0,0 +1,38 @@
|
||||||
|
### DNSSCRIPT_CONTACT_EMAIL the responsible person can be contacted there; needs zone-file format
|
||||||
|
#DNSSCRIPT_CONTACT_EMAIL="info.freifunk-herpf.de."
|
||||||
|
DNSSCRIPT_CONTACT_EMAIL=""
|
||||||
|
|
||||||
|
### DNSSCRIPT_SERVER_NAME must be this server given in community zone files NS entry and/or subdomain entries
|
||||||
|
### Full Hostname, w/o trailing dot
|
||||||
|
#DNSSCRIPT_SERVER_NAME="dns.herpf.fff.community"
|
||||||
|
DNSSCRIPT_SERVER_NAME=""
|
||||||
|
|
||||||
|
ZoneFilesFolder="/etc/bind/fff/"
|
||||||
|
BindIncludeFileFolder="/etc/bind/"
|
||||||
|
TempFolder="/tmp/ffdns/"
|
||||||
|
|
||||||
|
### specify the bird/babel or other routing table[s]
|
||||||
|
### if RoutingTables is empty, the ICVPN-ACL-List will be fetched remotely (for servers that are no gateway)
|
||||||
|
RoutingTables="10"
|
||||||
|
|
||||||
|
### -1 -> disable bind [restart|reload]
|
||||||
|
### 0 -> Debian (and like) systemctl [reload|restart] bind9
|
||||||
|
### 1 -> use rndc to [reload zone|reconfig] (recommended; rndc needs setup first)
|
||||||
|
### 2 -> OpenWRT /etc/init.d/named [reload|restart]
|
||||||
|
DNSSCRIPT_BIND_RELOAD_VER=0
|
||||||
|
|
||||||
|
# the views specified in named.conf
|
||||||
|
|
||||||
|
### must have at least one entry
|
||||||
|
InternalViews="icvpn-internal-view icvpn-internal-dns64-view"
|
||||||
|
|
||||||
|
### can be empty
|
||||||
|
ExternalView="external-view"
|
||||||
|
|
||||||
|
#DNSSEC
|
||||||
|
|
||||||
|
### DNSSECPolicy and Folder specified in named.conf; if no DNSSEC is used leave empty
|
||||||
|
#DNSSECPolicy="herpf"
|
||||||
|
DNSSECPolicy=""
|
||||||
|
#DNSSECKeyFolder="/etc/bind/keys/"
|
||||||
|
DNSSECKeyFolder=""
|
|
@ -8,48 +8,19 @@
|
||||||
# exit script when command fails
|
# exit script when command fails
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
# Communityconfig
|
. /etc/ffdns/community.conf
|
||||||
CommunityDomain="fff.community"
|
. /etc/ffdns/local.conf
|
||||||
CommunityExternPrefix="extern"
|
|
||||||
CommunitySubnets="10.50.0/16 10.83.0/16 fd43:5602:29bd::/48"
|
|
||||||
RemoteLocation="https://git.freifunk-franken.de/freifunk-franken/dns/raw/branch/master/"
|
|
||||||
DNSSECPolicy="herpf"
|
|
||||||
|
|
||||||
# Serverconfig
|
export DNSSCRIPT_CONTACT_EMAIL
|
||||||
export DNSSCRIPT_CONTACT_EMAIL=info.freifunk-herpf.de.
|
export DNSSCRIPT_SERVER_NAME
|
||||||
# DNSSCRIPT_SERVER_NAME must be the server given in community zone files NS entry (Full Hostname, w/o trailing dot)
|
export DNSSCRIPT_BIND_RELOAD_VER
|
||||||
export DNSSCRIPT_SERVER_NAME=dns.herpf.fff.community
|
|
||||||
UpdateScriptsFolder="/usr/lib/ffdns/"
|
|
||||||
ZoneFilesFolder="/etc/bind/fff/"
|
|
||||||
BindIncludeFileFolder="/etc/bind/"
|
|
||||||
DNSSECKeyFolder="/etc/bind/keys/"
|
|
||||||
TempFolder="/tmp/dnsscripts/"
|
|
||||||
# specify the bird/babel or other routing table[s]
|
|
||||||
# if RoutingTables is empty, the ICVPN-ACL-List will be fetched remotely (for servers that are no gateway)
|
|
||||||
RoutingTables="10"
|
|
||||||
|
|
||||||
# -1 -> disable bind [restart|reload]
|
|
||||||
# 0 -> Debian (and like) systemctl [reload|restart] bind9
|
|
||||||
# 1 -> use rndc to [reload zone|reconfig] (recommended; rndc needs setup first)
|
|
||||||
# 2 -> OpenWRT /etc/init.d/named [reload|restart]
|
|
||||||
export DNSSCRIPT_BIND_RELOAD_VER=0
|
|
||||||
|
|
||||||
InternalViews="icvpn-internal-view icvpn-internal-dns64-view"
|
|
||||||
ExternalView="external-view"
|
|
||||||
|
|
||||||
# TTL Refresh Retry Expire Minimum
|
|
||||||
TTLReReExMi="3600 2000 6400 2419200 86400"
|
|
||||||
|
|
||||||
# ForwardZones: "<Zone>/<Zonendatei>" ; optionaly multiple " ""<ZoneX>/<ZonendateiX>" no spaces in full filename
|
|
||||||
ForwardZones="$CommunityDomain""/""$ZoneFilesFolder""db.icvpn-internal-view.""$CommunityDomain"
|
|
||||||
|
|
||||||
|
|
||||||
#############################################################
|
|
||||||
cd "$UpdateScriptsFolder"
|
|
||||||
|
|
||||||
|
cd /usr/lib/ffdns/
|
||||||
. ./dns-functions.sh
|
. ./dns-functions.sh
|
||||||
|
|
||||||
FirstInternal="$( echo "$InternalViews" | sed -ne 's/^\(\S\+\)\s.*$/\1/p')"
|
FirstInternal="$( echo "$InternalViews" | sed -ne 's/^\(\S\+\)\s.*$/\1/p')"
|
||||||
|
# ForwardZones: "<Zone>/<Zonendatei>" ; optionaly multiple " ""<ZoneX>/<ZonendateiX>" no spaces in full filename
|
||||||
|
ForwardZones="$CommunityDomain""/""$ZoneFilesFolder""db.""$FirstInternal"".""$CommunityDomain"
|
||||||
BindIcvpnAclTmp="$TempFolder""icvpn-acl.conf"
|
BindIcvpnAclTmp="$TempFolder""icvpn-acl.conf"
|
||||||
BindIcvpnAcl="$BindIncludeFileFolder""icvpn-acl.conf"
|
BindIcvpnAcl="$BindIncludeFileFolder""icvpn-acl.conf"
|
||||||
[ -z "$CommunityExternPrefix" ] || CommunityExternDomain="$CommunityExternPrefix"".""$CommunityDomain"
|
[ -z "$CommunityExternPrefix" ] || CommunityExternDomain="$CommunityExternPrefix"".""$CommunityDomain"
|
||||||
|
|
Loading…
Reference in New Issue